Pomalý PC, vyskakující reklamy

[KaterinaS]

Moc prosím o pomoc, PC je strašně pomalý, pořád mi vyskakují reklamy, nefungují mi vyhledávače a některé stránky se mi vůbec nenačtou...
RSIT je /snad jsem to udělala dobře:
Logfile of random's system information tool 1.09 (written by random/random)
Run by user01 at 2014-01-19 15:55:58
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 3 GB (2%) free of 153 GB
Total RAM: 1919 MB (24% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 15:56:17, on 19.1.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe
C:\Program Files\FileZilla Server\FileZilla Server Interface.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Documents and Settings\user01\Local Settings\Data aplikací\FilesFrog Update Checker\update_checker.exe
C:\Documents and Settings\user01\Local Settings\Data aplikací\WebPlayer\AppsHat\WebPlayer.exe
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Application Updater\ApplicationUpdater.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\WinZip\WZQKPICK32.EXE
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Java\jre6\bin\jqs.exe
C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe
C:\Program Files\LemurLeap\updateLemurLeap.exe
C:\Program Files\LemurLeap\bin\utilLemurLeap.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\McAfee Security Scan\3.8.130\McUicnt.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\Program Files\Mozilla Firefox\plugin-container.exe
C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
C:\WINDOWS\system32\calc.exe
C:\Documents and Settings\user01\Dokumenty\Stažené soubory\RSIT.exe
C:\Program Files\trend micro\user01.exe

R0 - HKCU\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.myplaycity.com/
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R0 - HKLM\Software\Microsoft\Internet Explorer\Main,Start Page = http://my.myplaycity.com/
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
R3 - URLSearchHook: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\8.6\pdfforgeToolbarIE.dll
R3 - URLSearchHook: UsProvider Class - {539F76FD-084E-4858-86D5-62F02F54AE86} - C:\Program Files\Minibar\Minibar.dll
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: MinibarBHO - {AA74D58F-ACD0-450D-A85E-6C04B171C044} - C:\Program Files\Minibar\Minibar.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\8.6\pdfforgeToolbarIE.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O3 - Toolbar: pdfforge Toolbar - {B922D405-6D13-4A2B-AE89-08A030DA4402} - C:\Program Files\pdfforge Toolbar\IE\8.6\pdfforgeToolbarIE.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [SearchSettings] "C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe"
O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\user01\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\user01\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKCU\..\Run: [SDP] C:\Documents and Settings\user01\Local Settings\Data aplikací\FilesFrog Update Checker\update_checker.exe /auto
O4 - HKCU\..\Run: [AppsHat] C:\Documents and Settings\user01\Local Settings\Data aplikací\WebPlayer\AppsHat\WebPlayer.exe
O4 - HKCU\..\Run: [Apps Hat] C:\Documents and Settings\user01\Local Settings\Data aplikací\WebPlayer\AppsHat\WebPlayer.exe
O4 - HKCU\..\Run: [WINZIPDUDriverUpdater] C:\Program Files\WinZip Driver Updater\winzipdu.exe -rem
O4 - HKCU\..\RunOnce: [FlashPlayerUpdate] C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe -update plugin
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Obsah aplikace OneNote.onetoc2
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: Visit AppsHat.com - {AAA38851-3CFF-475F-B5E0-720D3645E4A5} - C:\Program Files\Minibar\Minibar.dll
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/Juni ... Client.cab
O20 - AppInit_DLLs: C:\DOCUME~1\ALLUSE~1\DATAAP~1\Wincert\WIN32C~1.DLL C:\PROGRA~1\MOVIES~1\SAFETY~1\SAFETY~2.DLL
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: Application Updater - Spigot, Inc. - C:\Program Files\Application Updater\ApplicationUpdater.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O23 - Service: SafetyNut Manager (SafetyNutManager) - SafetyNut Inc. - C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe
O23 - Service: Update LemurLeap - Unknown owner - C:\Program Files\LemurLeap\updateLemurLeap.exe
O23 - Service: Util LemurLeap - Unknown owner - C:\Program Files\LemurLeap\bin\utilLemurLeap.exe
O24 - Desktop Component 0: (no name) - http://res01-cz.geewa.ws/werebox/res/sc ... t1_320.jpg

--
End of file - 12273 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\WinZipDriverUpdater_UPDATES.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\user01\Data aplikací\Mozilla\Firefox\Profiles\5v8t0xze.default

prefs.js - "Keyword.Enabled" - "true"
prefs.js - "browser.startup.homepage" - "http://www.search.ask.com/?o=APN10640A& ... 81-229&t=4"
prefs.js - "extensions.enabledItems" - "{CAFEEFAC-0016-0000-0018-ABCDEFFEDCBA}:6.0.18, jqs@sun.com:1.0, {20a82645-c095-46ed-80e3-08825760534b}:1.1, pdfforge@mybrowserbar.com:5.8, wtxpcom@mybrowserbar.com:5.8, {972ce4c6-7e08-4474-a285-3208198ce6fd}:3.6.28"
prefs.js - "keyword.URL" - "http://dts.search.ask.com/sr?src=ffb&gc ... PN10640&q="

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1204144.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
Ask.xml
mall-cz.xml
yahoo.xml

C:\Documents and Settings\user01\Data aplikací\Mozilla\Firefox\Profiles\5v8t0xze.default\extensions\
cs@dictionaries.addons.mozilla.org
{3444c3c5-6c56-4a16-a453-832b05bf6ea4}
{97A78363-B868-4B48-AC91-A783A31215AF}
{9A7DF664-82DC-020F-C190-9A665AF83389}
{ea614400-e918-4741-9a97-7a972ff7c30b}

C:\Documents and Settings\user01\Data aplikací\Mozilla\Firefox\Profiles\5v8t0xze.default\searchplugins\
Ask.xml
myplaycity.xml
mywebsearch.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll [2013-09-06 95648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-13 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}]
MinibarBHO - C:\Program Files\Minibar\Minibar.dll [2013-02-26 331264]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2013-10-06 1001936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}]
pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\8.6\pdfforgeToolbarIE.dll [2013-12-27 1398080]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-22 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-13 194128]
{B922D405-6D13-4A2B-AE89-08A030DA4402} - pdfforge Toolbar - C:\Program Files\pdfforge Toolbar\IE\8.6\pdfforgeToolbarIE.dll [2013-12-27 1398080]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-08-20 16384512]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-08-03 1826816]
"SiSPower"=SiSPower.dll,ModeAgent []
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2006-02-23 35328]
"Nikon Message Center 2"=C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [2010-05-25 619008]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"OrderReminder"=C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [2006-07-30 98304]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
""= []
"SearchSettings"=C:\Program Files\Common Files\Spigot\Search Settings\SearchSettings.exe [2013-12-27 1383232]
"FileZilla Server Interface"=C:\Program Files\FileZilla Server\FileZilla Server Interface.exe [2014-01-02 2315776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"cz.seznam.software.autoupdate"=C:\Documents and Settings\user01\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Documents and Settings\user01\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]
"SDP"=C:\Documents and Settings\user01\Local Settings\Data aplikací\FilesFrog Update Checker\update_checker.exe [2013-01-31 201808]
"AppsHat"=C:\Documents and Settings\user01\Local Settings\Data aplikací\WebPlayer\AppsHat\WebPlayer.exe [2012-10-26 202752]
"Apps Hat"=C:\Documents and Settings\user01\Local Settings\Data aplikací\WebPlayer\AppsHat\WebPlayer.exe [2012-10-26 202752]
"WINZIPDUDriverUpdater"=C:\Program Files\WinZip Driver Updater\winzipdu.exe [2013-07-11 9851048]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\RunOnce]
"FlashPlayerUpdate"=C:\WINDOWS\system32\Macromed\Flash\FlashUtil32_11_9_900_170_Plugin.exe [2013-12-11 839560]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK32.EXE

C:\Documents and Settings\user01\Nabídka Start\Programy\Po spuštění
Obsah aplikace OneNote.onetoc2
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows]
"AppInit_DLLs"="C:\DOCUME~1\ALLUSE~1\DATAAP~1\Wincert\WIN32C~1.DLL C:\PROGRA~1\MOVIES~1\SAFETY~1\SAFETY~2.DLL "

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Mozilla Thunderbird\thunderbird.exe"="C:\Program Files\Mozilla Thunderbird\thunderbird.exe:*:Enabled:Mozilla Thunderbird"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Documents and Settings\user01\Data aplikací\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe"="C:\Documents and Settings\user01\Data aplikací\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe:*:Enabled:Juniper Terminal Services Client"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Generic Host Process"
"%windir%\explorer.exe"="%windir%\explorer.exe"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\WinZip Driver Updater\winzipdu.exe"="C:\Program Files\WinZip Driver Updater\winzipdu.exe:*:Enabled:WinZipDriverUpdater"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\explorer.exe"="%windir%\explorer.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.scr - open -
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-01-16 13:14:58 ----D---- C:\Documents and Settings\All Users\Data aplikací\Wincert
2014-01-16 13:14:37 ----D---- C:\Documents and Settings\user01\Data aplikací\somotomoviestoolbar1
2014-01-16 13:13:39 ----D---- C:\Program Files\Movies Toolbar
2014-01-16 13:13:35 ----D---- C:\Documents and Settings\All Users\Data aplikací\SafetyNut
2014-01-16 00:14:21 ----D---- C:\Documents and Settings\user01\Data aplikací\WinZip
2014-01-16 00:14:12 ----D---- C:\Program Files\WinZip Driver Updater
2014-01-16 00:12:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\WinZip
2014-01-16 00:12:48 ----D---- C:\Program Files\WinZip
2014-01-16 00:10:16 ----D---- C:\Program Files\FileZilla Server
2014-01-15 23:12:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2914368$
2014-01-14 14:10:28 ----D---- C:\Documents and Settings\user01\Data aplikací\Search Settings
2014-01-14 14:10:23 ----D---- C:\Program Files\Application Updater
2014-01-14 14:10:22 ----D---- C:\Program Files\pdfforge Toolbar
2014-01-14 14:10:22 ----D---- C:\Program Files\Common Files\Spigot

======List of files/folders modified in the last 1 month======

2014-01-19 15:56:08 ----D---- C:\Program Files\trend micro
2014-01-19 15:56:05 ----D---- C:\WINDOWS\Prefetch
2014-01-19 13:27:17 ----D---- C:\WINDOWS\Temp
2014-01-19 09:24:40 ----D---- C:\Documents and Settings\user01\Data aplikací\Seznam.cz
2014-01-18 20:17:35 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-01-18 14:10:06 ----D---- C:\WINDOWS\system32
2014-01-16 13:13:39 ----RD---- C:\Program Files
2014-01-16 01:40:15 ----D---- C:\WINDOWS\system32\CatRoot2
2014-01-16 00:14:48 ----HD---- C:\WINDOWS\inf
2014-01-16 00:14:29 ----SD---- C:\WINDOWS\Tasks
2014-01-16 00:13:24 ----SHD---- C:\WINDOWS\Installer
2014-01-16 00:13:24 ----D---- C:\WINDOWS
2014-01-15 23:16:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-01-15 23:13:02 ----D---- C:\WINDOWS\system32\MRT
2014-01-15 23:12:51 ----A---- C:\WINDOWS\system32\MRT.exe
2014-01-15 23:12:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-01-15 23:12:40 ----D---- C:\WINDOWS\system32\drivers
2014-01-15 18:10:18 ----A---- C:\WINDOWS\wincmd.ini
2014-01-14 14:10:22 ----D---- C:\Program Files\Common Files
2014-01-05 20:34:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-04 14:36:05 ----D---- C:\Program Files\Mozilla Thunderbird
2013-12-20 16:28:38 ----D---- C:\Program Files\LemurLeap

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-06-28 175176]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-12-05 20640]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-06-28 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-06-28 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2007-06-25 18432]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 aksfridge;HASP Fridge; C:\WINDOWS\system32\DRIVERS\aksfridge.sys [2008-03-18 350720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-08-28 4609024]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-12 5810]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2007-06-25 321536]
R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2006-12-19 41600]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 akshasp;Aladdin HASP Key; C:\WINDOWS\system32\DRIVERS\akshasp.sys [2007-07-05 238976]
S3 akshhl;Aladdin HASP HL Key; C:\WINDOWS\system32\DRIVERS\akshhl.sys [2007-07-23 46336]
S3 aksusb;Aladdin USB Key; C:\WINDOWS\system32\DRIVERS\aksusb.sys [2007-07-05 14976]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 C-Dilla;C-Dilla; \??\C:\WINDOWS\system32\drivers\CDANT.SYS []
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 Application Updater;Application Updater; C:\Program Files\Application Updater\ApplicationUpdater.exe [2013-12-27 807800]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 FileZilla Server;FileZilla Server FTP server; C:\Program Files\FileZilla Server\FileZilla Server.exe [2014-01-02 637440]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-22 153376]
R2 SafetyNutManager;SafetyNut Manager; C:\Program Files\Movies Toolbar\SafetyNut\SafetyNutManager.exe [2013-12-23 3446792]
R2 Update LemurLeap;Update LemurLeap; C:\Program Files\LemurLeap\updateLemurLeap.exe [2014-01-16 97056]
R2 Util LemurLeap;Util LemurLeap; C:\Program Files\LemurLeap\bin\utilLemurLeap.exe [2014-01-16 97056]
R3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 235216]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-01 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-16 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-01 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-06-25 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-12 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------




Předem děkuju!

[cernohous13]

Zdravím,

tak nejprve:
Stáhni Junkware Removal Tool http://thisisudax.org/downloads/JRT.exe
Ulož jej na plochu a spusť - zobrazí se licenční podminky -> start libovolnou klávesou.
Bude vytvořena záloha a proběhne skenování.
Vyskočí log (nebo je uložen zde c:\JRT jako JRT.txt) - zkopíruj jej sem

Stáhni AdwCleaner http://general-changelog-team.fr/fr/dow ... adwcleaner
Ulož nejlépe na plochu -> ukonči všechny programy -> spusť AdwCleaner -> klikni na Scan po dokončení na Clean
bude provedena oprava, restartuje se - (případně restartuj) a vypadne log C:\AdwCleaner\AdwCleaner[S?].txt , jeho obsah vložíš sem

[KaterinaS]

~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Junkware Removal Tool (JRT) by Thisisu
Version: 6.1.0 (01.07.2014:1)
OS: Microsoft Windows XP x86
Ran by user01 on ne 19.01.2014 at 16:09:17,70
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~




~~~ Services

Successfully stopped: [Service] application updater
Successfully deleted: [Service] application updater
Failed to stop: [Service] update lemurleap



~~~ Registry Values

Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\apps hat
Successfully deleted: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\sdp
Successfully deleted: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\searchsettings
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows NT\CurrentVersion\Windows\\AppInit_DLLs
Successfully repaired: [Registry Value] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\.DEFAULT\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-18\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-19\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-20\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_USERS\S-1-5-21-1202660629-1682526488-1606980848-1004\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\Main\\Start Page
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\DisplayName
Successfully repaired: [Registry Value] HKEY_LOCAL_MACHINE\Software\Microsoft\Internet Explorer\SearchScopes\{0633EE93-D776-472f-A0FF-E1416B8B2E3A}\\URL



~~~ Registry Keys

Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\protector_dll.protectorbho.1
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{1AA60054-57D9-4F99-9A55-D0FBFBE7ECD3}
Successfully deleted: [Registry Key] HKEY_CLASSES_ROOT\CLSID\{4AA46D49-459F-4358-B4D1-169048547C23}
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\apn dtx
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\bi
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\somoto
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\yahoopartnertoolbar
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\AppDataLow\software\search settings
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{3CA2F312-6F6E-4B53-A66E-4E65E497C8C0}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\application updater
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Classes\prod.cap
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Ext\PreApproved\{08858AF6-42AD-4914-95D2-AC3AB0DC8E28}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\bi_uninstaller
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Uninstall\filesfrog update checker
Successfully deleted: [Registry Key] HKEY_CURRENT_USER\Software\Microsoft\Internet Explorer\SearchScopes\{96bd48dd-741b-41ae-ac4a-aff96ba00f7e}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Successfully deleted: [Registry Key] HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{B922D405-6D13-4A2B-AE89-08A030DA4402}



~~~ Files



~~~ Folders

Successfully deleted: [Folder] "C:\Documents and Settings\user01\Data aplikací\babylon"
Successfully deleted: [Folder] "C:\Documents and Settings\user01\Data aplikací\pdfforge"
Successfully deleted: [Folder] "C:\Documents and Settings\user01\Data aplikací\search settings"
Successfully deleted: [Folder] "C:\Program Files\application updater"
Failed to delete: [Folder] "C:\Program Files\lemurleap"
Successfully deleted: [Folder] "C:\Program Files\minibar"
Failed to delete: [Folder] "C:\Program Files\movies toolbar"
Successfully deleted: [Folder] "C:\Program Files\pdfforge toolbar"
Failed to delete: [Folder] "C:\Program Files\Common Files\spigot"



~~~ FireFox

Failed to delete: [File] "C:\Program Files\Mozilla Firefox\searchplugins\ask.xml"
Successfully deleted: [File] C:\Documents and Settings\user01\Data aplikací\mozilla\firefox\profiles\5v8t0xze.default\user.js
Successfully deleted: [File] C:\Documents and Settings\user01\Data aplikací\mozilla\firefox\profiles\5v8t0xze.default\searchplugins\ask.xml
Successfully deleted: [File] C:\Documents and Settings\user01\Data aplikací\mozilla\firefox\profiles\5v8t0xze.default\searchplugins\mywebsearch.xml
Successfully deleted: [Folder] C:\Documents and Settings\user01\Data aplikací\mozilla\firefox\profiles\5v8t0xze.default\extensions\{97a78363-b868-4b48-ac91-a783a31215af}
Successfully deleted the following from C:\Documents and Settings\user01\Data aplikací\mozilla\firefox\profiles\5v8t0xze.default\prefs.js

user_pref("browser.newtab.url", "hxxp://search.babylon.com/?babsrc=NT_ss&mntrId=18CA001E8CA9E8B4&affID=124684&tsp=5008");
user_pref("browser.startup.homepage", "hxxp://www.search.ask.com/?o=APN10640A&gct=hp& ... 81-229&t=4");
user_pref("extensions.mywebsearch.openSearchURL", "hxxp://search.mywebsearch.com/mywebsearch/opensearch.jhtml?id=GRxdm035YYCZ&ptb=KCuTOihHOd.6byOQ8gqDBg&ind=2011051807&ptnrS=G
user_pref("extensions.mywebsearch.prevKwdEnabled", true);
user_pref("extensions.mywebsearch.prevKwdURL", "chrome://browser-region/locale/region.properties");
user_pref("keyword.URL", "hxxp://dts.search.ask.com/sr?src=ffb&gct=ds&appid=102&systemid=473&v=n10781-229&apn_dtid=BND101&apn_ptnrs=AG1&apn_uid=1030212280574647&o=APN10640&q="
Emptied folder: C:\Documents and Settings\user01\Data aplikací\mozilla\firefox\profiles\5v8t0xze.default\minidumps [10 files]





~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~
Scan was completed on ne 19.01.2014 at 16:22:41,81
End of JRT log
~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~~

[KaterinaS]

# AdwCleaner v3.017 - Report created 19/01/2014 at 16:28:51
# Updated 12/01/2014 by Xplode
# Operating System : Microsoft Windows XP Service Pack 3 (32 bits)
# Username : user01 - COMPANY6
# Running from : C:\Documents and Settings\user01\Dokumenty\Stažené soubory\adwcleaner.exe
# Option : Clean

***** [ Services ] *****

Service Deleted : SafetyNutManager
[#] Service Deleted : Update LemurLeap
[#] Service Deleted : Util LemurLeap

***** [ Files / Folders ] *****

Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Babylon
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\SafetyNut
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Trymedia
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\wincert
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\Alawar Stargaze
Folder Deleted : C:\Documents and Settings\All Users\Data aplikací\AlawarWrapper
Folder Deleted : C:\Program Files\LemurLeap
Folder Deleted : C:\Program Files\Movies Toolbar
Folder Deleted : C:\Program Files\Common Files\Spigot
Folder Deleted : C:\Documents and Settings\user01\Local Settings\Data aplikací\FilesFrog Update Checker
Folder Deleted : C:\Documents and Settings\user01\Local Settings\Data aplikací\Minibar
Folder Deleted : C:\Documents and Settings\user01\Local Settings\Data aplikací\webplayer
Folder Deleted : C:\Documents and Settings\user01\Local Settings\Data aplikací\AlawarWrapper
Folder Deleted : C:\Documents and Settings\user01\Data aplikací\somotomoviestoolbar1
Folder Deleted : C:\Documents and Settings\user01\Nabídka Start\Programy\FilesFrog Update Checker
Folder Deleted : C:\Documents and Settings\user01\Data aplikací\Mozilla\Firefox\Profiles\5v8t0xze.default\somotomoviestoolbar1
Folder Deleted : C:\Documents and Settings\user01\Data aplikací\Mozilla\Firefox\Profiles\5v8t0xze.default\Extensions\{3444c3c5-6c56-4a16-a453-832b05bf6ea4}
Folder Deleted : C:\Documents and Settings\user01\Data aplikací\Mozilla\Firefox\Profiles\5v8t0xze.default\Extensions\cs@dictionaries.addons.mozilla.org
Folder Deleted : C:\Documents and Settings\user01\Data aplikací\Mozilla\Firefox\Profiles\5v8t0xze.default\Extensions\{9A7DF664-82DC-020F-C190-9A665AF83389}
Folder Deleted : C:\Documents and Settings\user01\Data aplikací\Mozilla\Firefox\Profiles\5v8t0xze.default\Extensions\{ea614400-e918-4741-9a97-7a972ff7c30b}
[!] Folder Deleted : C:\Documents and Settings\user01\Local Settings\Data aplikací\Google\Chrome\User Data\Default\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof
File Deleted : C:\Program Files\Mozilla Firefox\searchplugins\Ask.xml
File Deleted : C:\Program Files\Mozilla Firefox\browser\searchplugins\Ask.xml

***** [ Shortcuts ] *****

Shortcut Disinfected : C:\Documents and Settings\user01\Nabídka Start\Programy\AppsHat\Uninstall.lnk

***** [ Registry ] *****

Key Deleted : HKLM\SOFTWARE\Google\Chrome\Extensions\jlnfdbbladgcmhhamgkioifhbobjaoof
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [AppsHat]
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bitguard.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsemngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserdefender.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsermngr.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browserprotect.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bundlesweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\cltmngsvc.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta babylon.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta tb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\delta2.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltainstaller.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltasetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\deltatb_2501-c733154b.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\iminentsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\sweetimsetup.exe
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\tbdelta.exetoolbar783881609.exe
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet001\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x64]
Value Deleted : HKLM\SYSTEM\ControlSet002\Control\Session Manager\AppCertDlls [x86]
Value Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Run [WINZIPDUDriverUpdater]
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{539F76FD-084E-4858-86D5-62F02F54AE86}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{60EACC1A-33FA-443D-9846-17B28E2C9BDB}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AA74D58F-ACD0-450D-A85E-6C04B171C044}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Deleted : HKLM\SOFTWARE\Classes\CLSID\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{06E50566-0AB7-431C-841D-62794727DAF9}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{26E7211D-0650-43CF-8498-4C81E83AEAAA}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{6E4C89CF-3061-4EE4-B22A-B7A8AAEA5CB3}
Key Deleted : HKLM\SOFTWARE\Classes\Interface\{DB507187-9746-458C-97DA-C458131EEDE7}
Key Deleted : HKLM\SOFTWARE\Classes\TypeLib\{F13D3582-1359-4F8F-9A48-EF3AE9F5701C}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Stats\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Ext\Settings\{B922D405-6D13-4A2B-AE89-08A030DA4402}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Extensions\{AAA38851-3CFF-475F-B5E0-720D3645E4A5}
Key Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Low Rights\ElevationPolicy\{3444C3C5-6C56-4A16-A453-832B05BF6EA4}
Value Deleted : HKLM\SOFTWARE\Microsoft\Internet Explorer\Toolbar [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{539F76FD-084E-4858-86D5-62F02F54AE86}]
Value Deleted : HKCU\Software\Microsoft\Internet Explorer\URLSearchHooks [{B922D405-6D13-4A2B-AE89-08A030DA4402}]
Value Deleted : HKLM\SOFTWARE\Policies\Google\Chrome\ExtensionInstallForcelist [1]
Key Deleted : HKCU\Software\pdfforge
Key Deleted : HKCU\Software\Search Settings
Key Deleted : HKCU\Software\somotomoviestoolbar1
Key Deleted : HKCU\Software\Webplayer
Key Deleted : HKCU\Software\AppDataLow\Software\pdfforge
Key Deleted : HKLM\Software\Minibar
Key Deleted : HKLM\Software\pdfforge
Key Deleted : HKLM\Software\SafetyNut
Key Deleted : HKLM\Software\Search Settings
Key Deleted : HKLM\Software\Trymedia Systems
Key Deleted : HKCU\Software\Microsoft\Windows\CurrentVersion\Uninstall\AppsHat Mobile Apps
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\Uninstall\somotomoviestoolbar1FF
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{638482BC-3092-42DC-AEA1-735264911A77}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{A0B139A7-E8D5-49E8-A7BF-12421E652208}
Key Deleted : HKLM\SOFTWARE\Microsoft\Windows\CurrentVersion\App Management\ARPCache\{BE7785D6-045F-44FB-A1E4-3FA555874415}
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\docume~1\alluse~1\dataap~1\wincert\win32c~1.dll
Data Deleted : HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Windows [AppInit_DLLs] - c:\progra~1\movies~1\safety~1\safety~2.dll
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\00E944CB89111313EAF35A0553F547F9
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\53F55AF3F4049ED3FA6EA6F88E414E24
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\68E4BF4B11615E03C97732FD581AB607
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\8CE3DDAB2D152683FBCEB4866BCD2B0F
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\AF6CE16AFEA5C9A39B766468A8B35C21
Key Deleted : HKLM\Software\Microsoft\Windows\CurrentVersion\Installer\UserData\S-1-5-18\Components\FB1E44269B58F433A8C8E671E37CFDCF

***** [ Browsers ] *****

-\\ Internet Explorer v8.0.6001.18702


-\\ Mozilla Firefox v26.0 (cs)

[ File : C:\Documents and Settings\user01\Data aplikací\Mozilla\Firefox\Profiles\5v8t0xze.default\prefs.js ]


-\\ Google Chrome v32.0.1700.76

[ File : C:\Documents and Settings\user01\Local Settings\Data aplikací\Google\Chrome\User Data\Default\preferences ]


*************************

AdwCleaner[R0].txt - [10635 octets] - [19/01/2014 16:26:48]
AdwCleaner[S0].txt - [9756 octets] - [19/01/2014 16:28:51]

########## EOF - C:\AdwCleaner\AdwCleaner[S0].txt - [9816 octets] ##########

[cernohous13]

Vypadá to dobře

Smaž JRT a ADWCleaner + jejich logy

Stáhni a nainstaluj MBAM zde http://www.malwarebytes.org/products/malwarebytes_free/
Spustit -> na 3.záložce "Aktualizace" -> Kontrola aktualizací
následně na 1.záložce "Kontrolor" -> Úplná kontrola -> Prohledat
po dokončení scanu vyskočí okno Notepad s výsledkem - obsah zkopíruj do své odpovědi
zatím nic nemazat - počkej na posouzení

[KaterinaS]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.01.19.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
user01 :: COMPANY6 [administrátor]

Ochrana: Povolena

19.1.2014 23:07:08
MBAM-log-2014-01-20 (01-08-06).txt

Typ: Kompletní kontrola (C:\|)
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 353920
Uplynulý čas: 1 hodin, 48 minut, 40 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 3
HKLM\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\SETUP.EXE (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
HKCU\Software\LemurLeap (PUP.Optional.LemurLeap.A) -> Nebyla provedena žádná instrukce.
HKLM\SOFTWARE\LemurLeap (PUP.Optional.LemurLeap.A) -> Nebyla provedena žádná instrukce.

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 64
C:\Documents and Settings\All Users\dxnkvbb.exe (Trojan.Agent.RV) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Dokumenty\Stažené soubory\SFInstaller_SFFZ_filezilla_10770709_.exe (PUP.Optional.Spigot.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Dokumenty\Stažené soubory\7ZipSetup.exe (PUP.Optional.Somoto) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\Application Data\Bundled software uninstaller\biclient.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\Data aplikací\AppsHat Mobile Apps\Uninstall.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\LemurLeap_sm.exe (PUP.Optional.LemurLeap.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\MoviesToolbarSetup_Somoto.exe (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\FLVPlayerSetup.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe (PUP.Optional.Somoto) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BabylonTB.exe (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\appshat-distribution.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (10).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (11).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (12).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (13).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (14).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (15).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (16).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (17).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (18).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (19).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (2).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (20).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (21).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (22).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (23).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (24).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (25).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (26).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (27).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (28).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (29).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (3).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (30).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (31).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (32).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (33).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (4).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (5).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (6).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (7).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (8).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (9).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\UpdateCheckerSetup.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (1).exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\8FF5DC7B-BAB0-7891-B75A-AFD9CE0A9465\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\8FF5DC7B-BAB0-7891-B75A-AFD9CE0A9465\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\8FF5DC7B-BAB0-7891-B75A-AFD9CE0A9465\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\nsl18F\nsm193.tmp\mediabar.exe (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\temp\nsl18F\nsm193.tmp\MoviesToolbarMediaBar.exe (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\Temporary Internet Files\Content.IE5\08BO18PL\minibar-core[1].exe (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\Temporary Internet Files\Content.IE5\2UV7C94B\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate[1].exe (PUP.Optional.Somoto) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Local Settings\Temporary Internet Files\Content.IE5\2UV7C94B\Setup[1].exe (PUP.Optional.LemurLeap.A) -> Nebyla provedena žádná instrukce.
C:\Qoobox\Quarantine\[4]-Submit_2013-06-24_21.53.18.zip (Spyware.Password) -> Nebyla provedena žádná instrukce.
C:\Qoobox\Quarantine\C\Documents and Settings\user01\kozdikmucafc.exe.vir (Trojan.Cutwail) -> Nebyla provedena žádná instrukce.
C:\Qoobox\Quarantine\C\Documents and Settings\user01\sidficymdozk.exe.vir (Trojan.FakeINTEL) -> Nebyla provedena žádná instrukce.
C:\Qoobox\Quarantine\C\Documents and Settings\user01\xogekxakwidm.exe.vir (Trojan.Cutwail) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{8994B3C3-7300-4E09-9058-71928AB9B8F3}\RP156\A0033204.dll (PUP.Optional.MiniBar.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{8994B3C3-7300-4E09-9058-71928AB9B8F3}\RP156\A0033206.exe (PUP.Optional.MoviesToolBar.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{8994B3C3-7300-4E09-9058-71928AB9B8F3}\RP156\A0033250.exe (PUP.Optional.Somoto.A) -> Nebyla provedena žádná instrukce.
C:\System Volume Information\_restore{8994B3C3-7300-4E09-9058-71928AB9B8F3}\RP156\A0033251.exe (PUP.Optional.FilesFrog.A) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Data aplikací\wiaservg.log (Malware.Trace) -> Nebyla provedena žádná instrukce.
C:\Documents and Settings\user01\Plocha\Free Stuff.lnk (Rogue.Link) -> Nebyla provedena žádná instrukce.

(konec)

[cernohous13]

MBAM spustíš znovu a stačí "Rychlá kontrola"
po ukončení -> Zobrazit výsledky -> zkontrolovat zda je vše označeno -> Odstranit označené
vyběhne log, ve kterém budou záznamy tohoto typu:
Nalezené soubory
C:\Program Files\xxxxxx -> Umístnění do karantény a smazání se zdařilo/Pridanie do karantény a zmazanie úspešné..(Quarantined and deleted successfully)
ten bych rád viděl

Po výmazu znovu Rychlá kontrola a log mi dej

[KaterinaS]

Nalezené soubory: 54
C:\Documents and Settings\user01\Local Settings\temp\LemurLeap_sm.exe (PUP.Optional.LemurLeap.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\MoviesToolbarSetup_Somoto.exe (PUP.Optional.MoviesToolBar.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\FLVPlayerSetup.exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate.exe (PUP.Optional.Somoto) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BabylonTB.exe (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\appshat-distribution.exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (10).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (11).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (12).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (13).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (14).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (15).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (16).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (17).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (18).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (19).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (2).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (20).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (21).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (22).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (23).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (24).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (25).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (26).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (27).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (28).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (29).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (3).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (30).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (31).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (32).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (33).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (4).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (5).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (6).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (7).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (8).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (9).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce.exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\UpdateCheckerSetup.exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\BI_RunOnce (1).exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\8FF5DC7B-BAB0-7891-B75A-AFD9CE0A9465\Latest\BabMaint.exe (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\8FF5DC7B-BAB0-7891-B75A-AFD9CE0A9465\Latest\BExternal.dll (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\8FF5DC7B-BAB0-7891-B75A-AFD9CE0A9465\Latest\Setup.exe (PUP.Optional.Babylon.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\nsl18F\nsm193.tmp\mediabar.exe (PUP.Optional.MoviesToolBar.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\temp\nsl18F\nsm193.tmp\MoviesToolbarMediaBar.exe (PUP.Optional.MoviesToolBar.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\All Users\dxnkvbb.exe (Trojan.Agent.RV) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\Application Data\Bundled software uninstaller\biclient.exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\Data aplikací\AppsHat Mobile Apps\Uninstall.exe (PUP.Optional.Somoto.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\Temporary Internet Files\Content.IE5\08BO18PL\minibar-core[1].exe (PUP.Optional.MiniBar.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\Temporary Internet Files\Content.IE5\2UV7C94B\FLVPlayerUpdate_downloader_by_FLVPlayerUpdate[1].exe (PUP.Optional.Somoto) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Local Settings\Temporary Internet Files\Content.IE5\2UV7C94B\Setup[1].exe (PUP.Optional.LemurLeap.A) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Data aplikací\wiaservg.log (Malware.Trace) -> Přesun do karantény a smazání se zdařilo.
C:\Documents and Settings\user01\Plocha\Free Stuff.lnk (Rogue.Link) -> Přesun do karantény a smazání se zdařilo.

(konec)

[KaterinaS]

Malwarebytes Anti-Malware (Zkušební verze Malwarebytes Anti-Malware.) 1.75.0.1300
www.malwarebytes.org

Verze: v2014.01.19.06

Windows XP Service Pack 3 x86 NTFS
Internet Explorer 8.0.6001.18702
user01 :: COMPANY6 [administrátor]

Ochrana: Povolena

20.1.2014 9:32:55
mbam-log-2014-01-20 (09-32-55).txt

Typ: Rychlá kontrola
Nastavení kontroly povoleno: Paměť | Po spuštění | Registr | Systémové soubory | Heuristická analýza Extra | Heuristická analýza Shuriken | PUP | PUM
Nastavení kontroly zakázáno: P2P
Kontrolované objekty: 201766
Uplynulý čas: 12 minut, 16 sekund

Nalezené procesy v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené moduly v paměti: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené klíče v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené hodnoty v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené datové položky v registru: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené složky: 0
(Žádné škodlivé položky nebyly zjištěny)

Nalezené soubory: 0
(Žádné škodlivé položky nebyly zjištěny)

(konec)

[cernohous13]

Máme ještě nějaký problém nebo budeme uklízet

[KaterinaS]

Teď po posledním restartu to frčí
Jen mě Malware nepustí na některé stránky a počítač včetně myši mi usíná po minutě nečinnosti...ale to už asi bude jen o nastavení???

[cernohous13]

MBAM odinstaluj (http://downloads.malwarebytes.org/file/mbam_clean)

dej mi aktuální RSIT - ještě budeme mazat

[KaterinaS]

Logfile of random's system information tool 1.09 (written by random/random)
Run by user01 at 2014-01-20 16:51:35
Microsoft Windows XP Home Edition Service Pack 3
System drive C: has 3 GB (2%) free of 153 GB
Total RAM: 1919 MB (66% free)

Logfile of Trend Micro HijackThis v2.0.4
Scan saved at 16:51:44, on 20.1.2014
Platform: Windows XP SP3 (WinNT 5.01.2600)
MSIE: Internet Explorer v8.00 (8.00.6001.18702)
Boot mode: Normal

Running processes:
C:\WINDOWS\System32\smss.exe
C:\WINDOWS\system32\winlogon.exe
C:\WINDOWS\system32\services.exe
C:\WINDOWS\system32\lsass.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\System32\svchost.exe
C:\Program Files\AVAST Software\Avast\AvastSvc.exe
C:\WINDOWS\system32\spoolsv.exe
C:\WINDOWS\Explorer.EXE
C:\WINDOWS\RTHDCPL.EXE
C:\Program Files\Winamp\winampa.exe
C:\Program Files\AVAST Software\Avast\avastUI.exe
C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
C:\WINDOWS\system32\ctfmon.exe
C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
C:\WINDOWS\system32\sistray.exe
C:\Program Files\WinZip\WZQKPICK32.EXE
C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
C:\Program Files\Bonjour\mDNSResponder.exe
C:\Program Files\FileZilla Server\FileZilla Server.exe
C:\Program Files\Java\jre6\bin\jqs.exe
C:\WINDOWS\system32\svchost.exe
C:\WINDOWS\system32\svchost.exe
C:\Program Files\Mozilla Firefox\firefox.exe
C:\WINDOWS\system32\wuauclt.exe
C:\Documents and Settings\user01\Dokumenty\Stažené soubory\RSIT(1).exe
C:\Program Files\trend micro\user01.exe

R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Page_URL = http://go.microsoft.com/fwlink/?LinkId=69157
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Default_Search_URL = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKLM\Software\Microsoft\Internet Explorer\Main,Search Page = http://go.microsoft.com/fwlink/?LinkId=54896
R1 - HKCU\Software\Microsoft\Windows\CurrentVersion\Internet Settings,ProxyOverride = *.local
R0 - HKCU\Software\Microsoft\Internet Explorer\Toolbar,LinksFolderName = Odkazy
O2 - BHO: MSS+ Identifier - {0E8A89AD-95D7-40EB-8D9D-083EF7066A01} - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll
O2 - BHO: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O2 - BHO: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O2 - BHO: Google Toolbar Helper - {AA58ED58-01DD-4d91-8333-CF10577473F7} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O2 - BHO: Google Toolbar Notifier BHO - {AF69DE43-7D58-4638-B6FA-CE66B5AD205D} - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll
O2 - BHO: Java(tm) Plug-In 2 SSV Helper - {DBC80044-A445-435b-BC74-9C25C1C588A9} - C:\Program Files\Java\jre6\bin\jp2ssv.dll
O2 - BHO: JQSIEStartDetectorImpl - {E7E6F031-17CE-4C07-BC86-EABFE594F69C} - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll
O2 - BHO: EpsonToolBandKicker Class - {E99421FB-68DD-40F0-B4AC-B7027CAE2F1A} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: EPSON Web-To-Page - {EE5D279F-081B-4404-994D-C6B60AAEBA6D} - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll
O3 - Toolbar: Easy Photo Print - {9421DD08-935F-4701-A9CA-22DF90AC4EA6} - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll
O3 - Toolbar: avast! Online Security - {8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll
O3 - Toolbar: Google Toolbar - {2318C2B1-4965-11d4-9B18-009027A5CD4F} - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll
O4 - HKLM\..\Run: [RTHDCPL] RTHDCPL.EXE
O4 - HKLM\..\Run: [SkyTel] SkyTel.EXE
O4 - HKLM\..\Run: [SiSPower] Rundll32.exe SiSPower.dll,ModeAgent
O4 - HKLM\..\Run: [WinampAgent] C:\Program Files\Winamp\winampa.exe
O4 - HKLM\..\Run: [Nikon Message Center 2] C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe -s
O4 - HKLM\..\Run: [ArcSoft Connection Service] C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe
O4 - HKLM\..\Run: [avast] "C:\Program Files\AVAST Software\Avast\avastUI.exe" /nogui
O4 - HKLM\..\Run: [APSDaemon] "C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe"
O4 - HKLM\..\Run: [QuickTime Task] "C:\Program Files\QuickTime\QTTask.exe" -atboottime
O4 - HKLM\..\Run: [seznam-listicka-distribuce] "C:\Program Files\Seznam.cz\distribution\szninstall.exe" -s -d listicka 1 szn-software-listicka cz.seznam.software.autoupdate
O4 - HKLM\..\Run: [OrderReminder] C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe
O4 - HKLM\..\Run: [Adobe ARM] "C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe"
O4 - HKLM\..\Run: [FileZilla Server Interface] "C:\Program Files\FileZilla Server\FileZilla Server Interface.exe"
O4 - HKCU\..\Run: [ctfmon.exe] C:\WINDOWS\system32\ctfmon.exe
O4 - HKCU\..\Run: [cz.seznam.software.autoupdate] "C:\Documents and Settings\user01\Data aplikací\Seznam.cz\szninstall.exe" -c
O4 - HKCU\..\Run: [cz.seznam.software.szndesktop] "C:\Documents and Settings\user01\Data aplikací\Seznam.cz\bin\wszndesktop.exe" -q
O4 - HKUS\S-1-5-18\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'SYSTEM')
O4 - HKUS\.DEFAULT\..\Run: [CTFMON.EXE] C:\WINDOWS\system32\CTFMON.EXE (User 'Default user')
O4 - Startup: Obsah aplikace OneNote.onetoc2
O4 - Startup: Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk = C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE
O4 - Global Startup: Adobe Gamma Loader.lnk = C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
O4 - Global Startup: McAfee Security Scan Plus.lnk = C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
O4 - Global Startup: Utility Tray.lnk = C:\WINDOWS\system32\sistray.exe
O4 - Global Startup: WinZip Quick Pick.lnk = C:\Program Files\WinZip\WZQKPICK32.EXE
O8 - Extra context menu item: E&xportovat do aplikace Microsoft Excel - res://C:\PROGRA~1\MICROS~2\Office12\EXCEL.EXE/3000
O9 - Extra button: Odeslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra 'Tools' menuitem: Od&eslat do aplikace OneNote - {2670000A-7350-4f3c-8081-5663EE0C6C49} - C:\PROGRA~1\MICROS~2\Office12\ONBttnIE.dll
O9 - Extra button: Research - {92780B25-18CC-41C8-B9BE-3C9C571A8263} - C:\PROGRA~1\MICROS~2\Office12\REFIEBAR.DLL
O9 - Extra button: (no name) - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra 'Tools' menuitem: @xpsp3res.dll,-20001 - {e2e2dd38-d088-4134-82b7-f2ba38496583} - C:\WINDOWS\Network Diagnostic\xpnetdiag.exe
O9 - Extra button: Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O9 - Extra 'Tools' menuitem: Windows Messenger - {FB5F1910-F110-11d2-BB9E-00C04F795683} - C:\Program Files\Messenger\msmsgs.exe
O16 - DPF: {F27237D7-93C8-44C2-AC6E-D6057B9A918F} (JuniperSetupClientControl Class) - https://juniper.net/dana-cached/sc/Juni ... Client.cab
O22 - SharedTaskScheduler: Browseui preloader - {438755C2-A8BA-11D1-B96B-00A0C90312E1} - C:\WINDOWS\system32\browseui.dll
O22 - SharedTaskScheduler: Proces mezipaměti kategorií součástí - {8C7461EF-2B13-11d2-BE35-3078302C2030} - C:\WINDOWS\system32\browseui.dll
O23 - Service: ArcSoft Connect Daemon (ACDaemon) - ArcSoft Inc. - C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe
O23 - Service: Adobe Flash Player Update Service (AdobeFlashPlayerUpdateSvc) - Adobe Systems Incorporated - C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe
O23 - Service: avast! Antivirus - AVAST Software - C:\Program Files\AVAST Software\Avast\AvastSvc.exe
O23 - Service: ##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762## (Bonjour Service) - Apple Computer, Inc. - C:\Program Files\Bonjour\mDNSResponder.exe
O23 - Service: FileZilla Server FTP server (FileZilla Server) - FileZilla Project - C:\Program Files\FileZilla Server\FileZilla Server.exe
O23 - Service: FLEXnet Licensing Service - Macrovision Europe Ltd. - C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe
O23 - Service: Google Update Service (gupdate) (gupdate) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Služba Google Update (gupdatem) (gupdatem) - Google Inc. - C:\Program Files\Google\Update\GoogleUpdate.exe
O23 - Service: Google Software Updater (gusvc) - Google - C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe
O23 - Service: InstallDriver Table Manager (IDriverT) - Macrovision Corporation - C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe
O23 - Service: Java Quick Starter (JavaQuickStarterService) - Sun Microsystems, Inc. - C:\Program Files\Java\jre6\bin\jqs.exe
O23 - Service: McAfee Security Scan Component Host Service (McComponentHostService) - McAfee, Inc. - C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe
O23 - Service: Mozilla Maintenance Service (MozillaMaintenance) - Mozilla Foundation - C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe
O24 - Desktop Component 0: (no name) - http://res01-cz.geewa.ws/werebox/res/sc ... t1_320.jpg

--
End of file - 9223 bytes

======Scheduled tasks folder======

C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\WinZipDriverUpdater_UPDATES.job

=========Mozilla firefox=========

ProfilePath - C:\Documents and Settings\user01\Data aplikací\Mozilla\Firefox\Profiles\5v8t0xze.default

"{20a82645-c095-46ed-80e3-08825760534b}"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\DotNetAssistantExtension\
"jqs@sun.com"=C:\Program Files\Java\jre6\lib\deploy\jqs\ff
"wrc@avast.com"=C:\Program Files\AVAST Software\Avast\WebRep\FF


[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/FlashPlayer]
"Description"=Adobe® Flash® Player 11.9.900.170 Plugin
"Path"=C:\WINDOWS\system32\Macromed\Flash\NPSWF32_11_9_900_170.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@adobe.com/ShockwavePlayer]
"Description"=Adobe Shockwave Player
"Path"=C:\WINDOWS\system32\Adobe\Director\np32dsw_1204144.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@Google.com/GoogleEarthPlugin]
"Description"=Google Earth in your browser
"Path"=C:\Program Files\Google\Google Earth\plugin\npgeplugin.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
"Description"=McAfee Mss Plugin
"Path"=C:\Program Files\McAfee Security Scan\3.8.130\npMcAfeeMss.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@microsoft.com/WPF,version=3.5]
"Description"=Windows Presentation Foundation plug-in for Mozilla browsers
"Path"=c:\WINDOWS\Microsoft.NET\Framework\v3.5\Windows Presentation Foundation\NPWPF.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=3]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@tools.google.com/Google Update;version=9]
"Description"=Google Update
"Path"=C:\Program Files\Google\Update\1.3.22.3\npGoogleUpdate3.dll

[HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\Adobe Reader]
"Description"=Handles PDFs in-place in Firefox
"Path"=C:\Program Files\Adobe\Reader 11.0\Reader\AIR\nppdf32.dll


C:\Program Files\Mozilla Firefox\components\
nsIQTScriptablePlugin.xpt

C:\Program Files\Mozilla Firefox\plugins\
npdeploytk.dll
nppdf32.dll
npqtplugin.dll
npqtplugin2.dll
npqtplugin3.dll
npqtplugin4.dll
npqtplugin5.dll
QuickTimePlugin.class

C:\Program Files\Mozilla Firefox\searchplugins\
mall-cz.xml
yahoo.xml

C:\Documents and Settings\user01\Data aplikací\Mozilla\Firefox\Profiles\5v8t0xze.default\searchplugins\
myplaycity.xml

======Registry dump======

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
MSS+ Identifier - C:\Program Files\McAfee Security Scan\3.8.130\McAfeeMSS_IE.dll [2013-09-06 95648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{8E5E2654-AD2D-48bf-AC2D-D17F00898D06}]
avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{9421DD08-935F-4701-A9CA-22DF90AC4EA6}]
Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AA58ED58-01DD-4d91-8333-CF10577473F7}]
Google Toolbar Helper - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-13 194128]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
Google Toolbar Notifier BHO - C:\Program Files\Google\GoogleToolbarNotifier\5.7.9012.1008\swg.dll [2013-10-06 1001936]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{DBC80044-A445-435b-BC74-9C25C1C588A9}]
Java(tm) Plug-In 2 SSV Helper - C:\Program Files\Java\jre6\bin\jp2ssv.dll [2010-01-22 41760]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E7E6F031-17CE-4C07-BC86-EABFE594F69C}]
JQSIEStartDetectorImpl Class - C:\Program Files\Java\jre6\lib\deploy\jqs\ie\jqs_plugin.dll [2010-01-22 79648]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{E99421FB-68DD-40F0-B4AC-B7027CAE2F1A}]
EpsonToolBandKicker Class - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Internet Explorer\Toolbar]
{EE5D279F-081B-4404-994D-C6B60AAEBA6D} - EPSON Web-To-Page - C:\Program Files\EPSON\EPSON Web-To-Page\EPSON Web-To-Page.dll [2005-02-22 368640]
{9421DD08-935F-4701-A9CA-22DF90AC4EA6} - Easy Photo Print - C:\Program Files\Epson Software\Easy Photo Print\EPTBL.dll [2008-04-02 266240]
{8E5E2654-AD2D-48bf-AC2D-D17F00898D06} - avast! Online Security - C:\Program Files\AVAST Software\Avast\aswWebRepIE.dll [2013-05-09 198688]
{2318C2B1-4965-11d4-9B18-009027A5CD4F} - Google Toolbar - C:\Program Files\Google\Google Toolbar\GoogleToolbar_32.dll [2013-12-13 194128]

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"RTHDCPL"=C:\WINDOWS\RTHDCPL.EXE [2007-08-20 16384512]
"SkyTel"=C:\WINDOWS\SkyTel.EXE [2007-08-03 1826816]
"SiSPower"=SiSPower.dll,ModeAgent []
"WinampAgent"=C:\Program Files\Winamp\winampa.exe [2006-02-23 35328]
"Nikon Message Center 2"=C:\Program Files\Nikon\Nikon Message Center 2\NkMC2.exe [2010-05-25 619008]
"ArcSoft Connection Service"=C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACDaemon.exe [2010-10-27 207424]
"avast"=C:\Program Files\AVAST Software\Avast\avastUI.exe [2013-05-09 4858968]
"APSDaemon"=C:\Program Files\Common Files\Apple\Apple Application Support\APSDaemon.exe [2013-04-21 59720]
"QuickTime Task"=C:\Program Files\QuickTime\QTTask.exe [2013-05-01 421888]
"seznam-listicka-distribuce"=C:\Program Files\Seznam.cz\distribution\szninstall.exe [2013-05-16 1062472]
"OrderReminder"=C:\Program Files\Hewlett-Packard\OrderReminder\OrderReminder.exe [2006-07-30 98304]
"Adobe ARM"=C:\Program Files\Common Files\Adobe\ARM\1.0\AdobeARM.exe [2013-11-21 959904]
""= []
"FileZilla Server Interface"=C:\Program Files\FileZilla Server\FileZilla Server Interface.exe [2014-01-02 2315776]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"ctfmon.exe"=C:\WINDOWS\system32\ctfmon.exe [2008-04-14 15360]
"cz.seznam.software.autoupdate"=C:\Documents and Settings\user01\Data aplikací\Seznam.cz\szninstall.exe [2013-05-16 1062472]
"cz.seznam.software.szndesktop"=C:\Documents and Settings\user01\Data aplikací\Seznam.cz\bin\wszndesktop.exe [2013-04-12 92664]

C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění
Adobe Gamma Loader.lnk - C:\Program Files\Common Files\Adobe\Calibration\Adobe Gamma Loader.exe
McAfee Security Scan Plus.lnk - C:\Program Files\McAfee Security Scan\3.8.130\SSScheduler.exe
Utility Tray.lnk - C:\WINDOWS\system32\sistray.exe
WinZip Quick Pick.lnk - C:\Program Files\WinZip\WZQKPICK32.EXE

C:\Documents and Settings\user01\Nabídka Start\Programy\Po spuštění
Obsah aplikace OneNote.onetoc2
Výřezy obrazovky a spuštění aplikace OneNote 2007.lnk - C:\Program Files\Microsoft Office\Office12\ONENOTEM.EXE

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\ShellServiceObjectDelayLoad]
WPDShServiceObj - {AAA288BA-9A4C-45B0-95D7-94D524869DB5} - C:\WINDOWS\system32\WPDShServiceObj.dll [2006-10-18 133632]

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"DisableTaskMgr"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\System]
"dontdisplaylastusername"=0
"legalnoticecaption"=
"legalnoticetext"=
"shutdownwithoutlogon"=1
"undockwithoutlogon"=1

[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"NoDriveTypeAutoRun"=323
"NoDriveAutoRun"=67108863
"NoDrives"=0

[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Policies\explorer]
"HonorAutoRunSetting"=1
"NoDriveAutoRun"=67108863
"NoDriveTypeAutoRun"=323
"NoDrives"=0

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\standardprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE"="C:\Program Files\Microsoft Office\Office12\ONENOTE.EXE:*:Enabled:Microsoft Office OneNote"
"C:\Program Files\Mozilla Firefox\firefox.exe"="C:\Program Files\Mozilla Firefox\firefox.exe:*:Enabled:Firefox"
"C:\Program Files\Mozilla Thunderbird\thunderbird.exe"="C:\Program Files\Mozilla Thunderbird\thunderbird.exe:*:Enabled:Mozilla Thunderbird"
"C:\Program Files\Bonjour\mDNSResponder.exe"="C:\Program Files\Bonjour\mDNSResponder.exe:*:Enabled:Bonjour"
"C:\totalcmd\TOTALCMD.EXE"="C:\totalcmd\TOTALCMD.EXE:*:Enabled:Total Commander 32 bit international version, file manager replacement for Windows"
"C:\Documents and Settings\user01\Data aplikací\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe"="C:\Documents and Settings\user01\Data aplikací\Juniper Networks\Juniper Terminal Services Client\dsTermServ.exe:*:Enabled:Juniper Terminal Services Client"
"C:\WINDOWS\system32\msiexec.exe"="C:\WINDOWS\system32\msiexec.exe:*:Generic Host Process"
"%windir%\explorer.exe"="%windir%\explorer.exe"
"C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe"="C:\Program Files\Common Files\Apple\Apple Application Support\WebKit2WebProcess.exe:*:Enabled:WebKit"
"C:\Program Files\WinZip Driver Updater\winzipdu.exe"="C:\Program Files\WinZip Driver Updater\winzipdu.exe:*:Enabled:WinZipDriverUpdater"

[HKEY_LOCAL_MACHINE\system\currentcontrolset\services\sharedaccess\parameters\firewallpolicy\domainprofile\authorizedapplications\list]
"%windir%\Network Diagnostic\xpnetdiag.exe"="%windir%\Network Diagnostic\xpnetdiag.exe:*:Enabled:@xpsp3res.dll,-20000"
"%windir%\system32\sessmgr.exe"="%windir%\system32\sessmgr.exe:*:enabled:@xpsp2res.dll,-22019"
"%windir%\explorer.exe"="%windir%\explorer.exe"


[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
"Debugger="tasklist.exe
[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]
"Debugger="tasklist.exe

[HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Drivers32]
"midimapper"=midimap.dll
"msacm.imaadpcm"=imaadp32.acm
"msacm.msadpcm"=msadp32.acm
"msacm.msg711"=msg711.acm
"msacm.msgsm610"=msgsm32.acm
"msacm.trspch"=tssoft32.acm
"vidc.cvid"=iccvid.dll
"vidc.I420"=msh263.drv
"vidc.iv31"=ir32_32.dll
"vidc.iv32"=ir32_32.dll
"vidc.iv41"=ir41_32.ax
"vidc.iyuv"=iyuv_32.dll
"vidc.mrle"=msrle32.dll
"vidc.msvc"=msvidc32.dll
"vidc.uyvy"=msyuv.dll
"vidc.yuy2"=msyuv.dll
"vidc.yvu9"=tsbyuv.dll
"vidc.yvyu"=msyuv.dll
"wavemapper"=msacm32.drv
"msacm.msg723"=msg723.acm
"vidc.M263"=msh263.drv
"vidc.M261"=msh261.drv
"msacm.msaudio1"=msaud32.acm
"msacm.sl_anet"=sl_anet.acm
"msacm.iac2"=C:\WINDOWS\system32\iac25_32.ax
"vidc.iv50"=ir50_32.dll
"msacm.l3acm"=C:\WINDOWS\system32\l3codeca.acm
"wave"=wdmaud.drv
"midi"=wdmaud.drv
"mixer"=wdmaud.drv
"aux"=wdmaud.drv

======File associations======

.scr - open -
.scr - install -
.scr - config -

======List of files/folders created in the last 1 month======

2014-01-19 22:44:32 ----D---- C:\Documents and Settings\user01\Data aplikací\Malwarebytes
2014-01-19 22:44:22 ----D---- C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
2014-01-19 16:26:25 ----D---- C:\AdwCleaner
2014-01-19 16:09:15 ----D---- C:\WINDOWS\ERUNT
2014-01-16 00:14:21 ----D---- C:\Documents and Settings\user01\Data aplikací\WinZip
2014-01-16 00:14:12 ----D---- C:\Program Files\WinZip Driver Updater
2014-01-16 00:12:54 ----D---- C:\Documents and Settings\All Users\Data aplikací\WinZip
2014-01-16 00:12:48 ----D---- C:\Program Files\WinZip
2014-01-16 00:10:16 ----D---- C:\Program Files\FileZilla Server
2014-01-15 23:12:38 ----HDC---- C:\WINDOWS\$NtUninstallKB2914368$

======List of files/folders modified in the last 1 month======

2014-01-20 16:51:42 ----D---- C:\WINDOWS\Prefetch
2014-01-20 16:51:42 ----D---- C:\Program Files\trend micro
2014-01-20 16:49:07 ----D---- C:\Documents and Settings\user01\Data aplikací\Seznam.cz
2014-01-20 16:46:15 ----D---- C:\WINDOWS\Temp
2014-01-20 16:43:54 ----RD---- C:\Program Files
2014-01-20 16:43:05 ----A---- C:\WINDOWS\SchedLgU.Txt
2014-01-20 16:42:49 ----A---- C:\WINDOWS\wincmd.ini
2014-01-20 16:41:16 ----D---- C:\WINDOWS\system32\drivers
2014-01-20 09:28:59 ----HDC---- C:\WINDOWS\$NtUninstallKB2562937$
2014-01-19 16:09:15 ----D---- C:\WINDOWS
2014-01-18 14:10:06 ----D---- C:\WINDOWS\system32
2014-01-16 01:40:15 ----D---- C:\WINDOWS\system32\CatRoot2
2014-01-16 00:14:48 ----HD---- C:\WINDOWS\inf
2014-01-16 00:14:29 ----SD---- C:\WINDOWS\Tasks
2014-01-16 00:13:24 ----SHD---- C:\WINDOWS\Installer
2014-01-15 23:16:52 ----D---- C:\Documents and Settings\All Users\Data aplikací\Microsoft Help
2014-01-15 23:15:54 ----D---- C:\WINDOWS\system32\MRT
2014-01-15 23:12:51 ----A---- C:\WINDOWS\system32\MRT.exe
2014-01-15 23:12:40 ----RSHDC---- C:\WINDOWS\system32\dllcache
2014-01-14 14:10:22 ----D---- C:\Program Files\Common Files
2014-01-05 20:34:29 ----A---- C:\WINDOWS\system32\PerfStringBackup.INI
2014-01-04 14:36:05 ----D---- C:\Program Files\Mozilla Thunderbird

======List of drivers (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R0 aswRvrt;aswRvrt; C:\WINDOWS\system32\drivers\aswRvrt.sys [2013-05-09 49376]
R0 aswVmm;aswVmm; C:\WINDOWS\system32\drivers\aswVmm.sys [2013-06-28 175176]
R0 PxHelp20;PxHelp20; C:\WINDOWS\System32\Drivers\PxHelp20.sys [2005-12-05 20640]
R0 uagp35;Filtr Microsoft AGPv3.5; C:\WINDOWS\system32\DRIVERS\uagp35.sys [2008-04-14 44672]
R1 AswRdr;aswRdr; C:\WINDOWS\system32\drivers\AswRdr.sys [2013-05-09 49760]
R1 aswSnx;aswSnx; C:\WINDOWS\system32\drivers\aswSnx.sys [2013-06-28 770344]
R1 aswSP;aswSP; C:\WINDOWS\system32\drivers\aswSP.sys [2013-06-28 369584]
R1 aswTdi;avast! Network Shield Support; C:\WINDOWS\system32\drivers\aswTdi.sys [2013-05-09 56080]
R1 intelppm;Řadič procesoru Intel; C:\WINDOWS\system32\DRIVERS\intelppm.sys [2008-04-14 40192]
R1 kbdhid;Ovladač klávesnice standardu HID; C:\WINDOWS\system32\DRIVERS\kbdhid.sys [2008-04-14 14592]
R1 SiSkp;SiSkp; C:\WINDOWS\system32\DRIVERS\srvkp.sys [2007-06-25 18432]
R1 WS2IFSL;Windows Socket 2.0 Non-IFS Service Provider Support Environment; C:\WINDOWS\System32\drivers\ws2ifsl.sys [2008-04-14 12032]
R2 aksfridge;HASP Fridge; C:\WINDOWS\system32\DRIVERS\aksfridge.sys [2008-03-18 350720]
R2 aswFsBlk;aswFsBlk; C:\WINDOWS\system32\drivers\aswFsBlk.sys [2013-05-09 29816]
R2 aswMonFlt;aswMonFlt; \??\C:\WINDOWS\system32\drivers\aswMonFlt.sys []
R2 Hardlock;Hardlock; \??\C:\WINDOWS\system32\drivers\hardlock.sys []
R2 Haspnt;Haspnt; \??\C:\WINDOWS\system32\drivers\Haspnt.sys []
R3 HDAudBus;Ovladač Microsoft UAA pro sběrnici High Definition Audio; C:\WINDOWS\system32\DRIVERS\HDAudBus.sys [2008-04-14 144384]
R3 HidUsb;Ovladač třídy standardu HID; C:\WINDOWS\system32\DRIVERS\hidusb.sys [2008-04-14 10368]
R3 IntcAzAudAddService;Service for Realtek HD Audio (WDM); C:\WINDOWS\system32\drivers\RtkHDAud.sys [2007-08-28 4609024]
R3 mouhid;Ovladač myši standardu HID; C:\WINDOWS\system32\DRIVERS\mouhid.sys [2001-10-24 12160]
R3 MTsensor;ATK0110 ACPI UTILITY; C:\WINDOWS\system32\DRIVERS\ASACPI.sys [2004-08-12 5810]
R3 SiS315;SiS315; C:\WINDOWS\system32\DRIVERS\sisgrp.sys [2007-06-25 321536]
R3 SiSGbeXP;SiS191/SiS190 Ethernet Device NDIS 5.1 Driver; C:\WINDOWS\system32\DRIVERS\SiSGbeXP.sys [2006-12-19 41600]
R3 usbccgp;Obecný nadřazený ovladač Microsoft USB; C:\WINDOWS\system32\DRIVERS\usbccgp.sys [2013-08-09 32384]
R3 usbprint;Třída USB Printer; C:\WINDOWS\system32\DRIVERS\usbprint.sys [2008-04-13 25856]
R3 usbscan;Ovladač skeneru USB; C:\WINDOWS\system32\DRIVERS\usbscan.sys [2013-07-03 14976]
S3 akshasp;Aladdin HASP Key; C:\WINDOWS\system32\DRIVERS\akshasp.sys [2007-07-05 238976]
S3 akshhl;Aladdin HASP HL Key; C:\WINDOWS\system32\DRIVERS\akshhl.sys [2007-07-23 46336]
S3 aksusb;Aladdin USB Key; C:\WINDOWS\system32\DRIVERS\aksusb.sys [2007-07-05 14976]
S3 catchme;catchme; \??\C:\ComboFix\catchme.sys []
S3 C-Dilla;C-Dilla; \??\C:\WINDOWS\system32\drivers\CDANT.SYS []
S3 EagleXNt;EagleXNt; \??\C:\WINDOWS\system32\drivers\EagleXNt.sys []
S3 USBSTOR;Ovladač velkokapacitního paměťového zařízení USB; C:\WINDOWS\system32\DRIVERS\USBSTOR.SYS [2008-04-14 26368]
S3 WudfPf;Windows Driver Foundation - User-mode Driver Framework Platform Driver; C:\WINDOWS\system32\DRIVERS\WudfPf.sys [2006-09-28 77568]
S3 WudfRd;Windows Driver Foundation - User-mode Driver Framework Reflector; C:\WINDOWS\system32\DRIVERS\wudfrd.sys [2006-09-28 82944]

======List of services (R=Running, S=Stopped, 0=Boot, 1=System, 2=Auto, 3=Demand, 4=Disabled)======

R2 ACDaemon;ArcSoft Connect Daemon; C:\Program Files\Common Files\ArcSoft\Connection Service\Bin\ACService.exe [2010-03-18 113152]
R2 avast! Antivirus;avast! Antivirus; C:\Program Files\AVAST Software\Avast\AvastSvc.exe [2013-05-09 46808]
R2 Bonjour Service;##Id_String1.6844F930_1628_4223_B5CC_5BB94B879762##; C:\Program Files\Bonjour\mDNSResponder.exe [2006-02-28 229376]
R2 FileZilla Server;FileZilla Server FTP server; C:\Program Files\FileZilla Server\FileZilla Server.exe [2014-01-02 637440]
R2 JavaQuickStarterService;Java Quick Starter; C:\Program Files\Java\jre6\bin\jqs.exe [2010-01-22 153376]
S2 gupdate;Google Update Service (gupdate); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-01 136176]
S3 AdobeFlashPlayerUpdateSvc;Adobe Flash Player Update Service; C:\WINDOWS\system32\Macromed\Flash\FlashPlayerUpdateService.exe [2013-12-11 257416]
S3 aspnet_state;ASP.NET State Service; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\aspnet_state.exe [2008-07-25 34312]
S3 clr_optimization_v2.0.50727_32;.NET Runtime Optimization Service v2.0.50727_X86; C:\WINDOWS\Microsoft.NET\Framework\v2.0.50727\mscorsvw.exe [2008-07-25 69632]
S3 FLEXnet Licensing Service;FLEXnet Licensing Service; C:\Program Files\Common Files\Macrovision Shared\FLEXnet Publisher\FNPLicensingService.exe [2009-03-16 654848]
S3 FontCache3.0.0.0;Windows Presentation Foundation Font Cache 3.0.0.0; c:\WINDOWS\Microsoft.NET\Framework\v3.0\WPF\PresentationFontCache.exe [2008-07-29 46104]
S3 gupdatem;Služba Google Update (gupdatem); C:\Program Files\Google\Update\GoogleUpdate.exe [2010-09-01 136176]
S3 gusvc;Google Software Updater; C:\Program Files\Google\Common\Google Updater\GoogleUpdaterService.exe [2013-06-25 194032]
S3 IDriverT;InstallDriver Table Manager; C:\Program Files\Common Files\InstallShield\Driver\11\Intel 32\IDriverT.exe [2005-04-03 69632]
S3 idsvc;Windows CardSpace; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\infocard.exe [2008-07-29 881664]
S3 McComponentHostService;McAfee Security Scan Component Host Service; C:\Program Files\McAfee Security Scan\3.8.130\McCHSvc.exe [2013-09-06 235216]
S3 MozillaMaintenance;Mozilla Maintenance Service; C:\Program Files\Mozilla Maintenance Service\maintenanceservice.exe [2013-12-12 119408]
S3 odserv;Microsoft Office Diagnostics Service; C:\Program Files\Common Files\Microsoft Shared\OFFICE12\ODSERV.EXE [2011-07-20 440696]
S3 ose;Office Source Engine; C:\Program Files\Common Files\Microsoft Shared\Source Engine\OSE.EXE [2006-10-26 145184]
S3 WMPNetworkSvc;Služba Windows Media Player Network Sharing; C:\Program Files\Windows Media Player\WMPNetwk.exe [2007-01-05 913920]
S3 WudfSvc;Windows Driver Foundation - User-mode Driver Framework; C:\WINDOWS\system32\svchost.exe [2008-04-14 14336]
S4 NetTcpPortSharing;Net.Tcp Port Sharing Service; c:\WINDOWS\Microsoft.NET\Framework\v3.0\Windows Communication Foundation\SMSvcHost.exe [2008-07-29 132096]

-----------------EOF-----------------

[cernohous13]

Stáhni OTM z jednoho odkazu a rozbal nejlépe na plochu.
http://oldtimer.geekstogo.com/OTM.exe
http://www.itxassociates.com/OT-Tools/OTM.exe

Spusť program „OTM.exe“ (pro Vistu a Win7 – pravým a „Run As Administrator“).
Do okna pod žlutou čáru vlož celý text zeleným písmem ze „Scriptu“

Klikni na červené „MoveIt!“

Při nabídce restartu „YES“
a log potom najdeš v C:\_OTM\MovedFiles\ - dej mi ho sem na kontrolu

Script OTM

Kód: Vybrat vše

:Commands
[emptytemp]
[emptyflash]
[emptyjava]
[clearallrestorepoints]
[ResetHosts]

:Files
%windir%\system32\*.tmp.dll /s
%windir%\system32\SET*.tmp /s
%windir%\*.tmp /s
C:\WINDOWS\tasks\Adobe Flash Player Updater.job
C:\WINDOWS\tasks\AppleSoftwareUpdate.job
C:\WINDOWS\tasks\avast! Emergency Update.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job
C:\WINDOWS\tasks\WinZipDriverUpdater_UPDATES.job
C:\Program Files\McAfee Security Scan
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk
C:\Documents and Settings\user01\Data aplikací\Malwarebytes
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes
C:\AdwCleaner
C:\Documents and Settings\user01\Data aplikací\Seznam.cz

:Reg
[-HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}]
[HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run]
"SiSPower"=-
"APSDaemon"=-
"QuickTime Task"=-
"seznam-listicka-distribuce"=-
"OrderReminder"=-
"Adobe ARM"=-
""=-
[HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run]
"cz.seznam.software.autoupdate"=-
"cz.seznam.software.szndesktop"=-
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe]
[-HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe]

:Services
Hardlock
Haspnt
akshasp
akshhl
aksusb
catchme
C-Dilla
EagleXNt
Bonjour Service
JavaQuickStarterService
gupdate
gupdatem
gusvc
McComponentHostService

[KaterinaS]

All processes killed
========== COMMANDS ==========

[EMPTYTEMP]

User: All Users

User: Default User
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes

User: LocalService
->Temp folder emptied: 66016 bytes
->Temporary Internet Files folder emptied: 21264866 bytes

User: NetworkService
->Temp folder emptied: 0 bytes
->Temporary Internet Files folder emptied: 33170 bytes
->Flash cache emptied: 511 bytes

User: user01
->Temp folder emptied: 210755829 bytes
->Temporary Internet Files folder emptied: 37336458 bytes
->Java cache emptied: 8147865 bytes
->FireFox cache emptied: 244602712 bytes
->Google Chrome cache emptied: 47803426 bytes
->Flash cache emptied: 8161838 bytes

%systemdrive% .tmp files removed: 0 bytes
%systemroot% .tmp files removed: 0 bytes
%systemroot%\System32 .tmp files removed: 2504 bytes
%systemroot%\System32\dllcache .tmp files removed: 0 bytes
%systemroot%\System32\drivers .tmp files removed: 0 bytes
Windows Temp folder emptied: 96038738 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temp folder emptied: 175590026 bytes
%systemroot%\system32\config\systemprofile\Local Settings\Temporary Internet Files folder emptied: 33170 bytes
RecycleBin emptied: 45700132 bytes

Total Files Cleaned = 854,00 mb


[EMPTYFLASH]

User: All Users

User: Default User

User: LocalService

User: NetworkService
->Flash cache emptied: 0 bytes

User: user01
->Flash cache emptied: 0 bytes

Total Flash Files Cleaned = 0,00 mb


[EMPTYJAVA]

User: All Users

User: Default User

User: LocalService

User: NetworkService

User: user01
->Java cache emptied: 0 bytes

Total Java Files Cleaned = 0,00 mb


Restore point Set: OTM Restore Point
C:\WINDOWS\System32\drivers\etc\Hosts moved successfully.
HOSTS file reset successfully
========== FILES ==========
File/Folder C:\WINDOWS\system32\*.tmp.dll not found.
File/Folder C:\WINDOWS\system32\SET*.tmp not found.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP173.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1A7.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1B9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1CA.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP1CB.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP21A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP22F.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP235.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP258.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP281.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2A6.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP2E3.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP308.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP323.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3AC.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP3C9.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP432.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP45.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP461.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP4D.tmp folder moved successfully.
C:\WINDOWS\assembly\NativeImages_v2.0.50727_32\Temp\ZAP83.tmp folder moved successfully.
C:\WINDOWS\Installer\MSI4A.tmp moved successfully.
C:\WINDOWS\Installer\MSI4CB.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt13.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt166.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt181.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt1A.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt27.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt2A.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt315.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt38.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt39.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt3A.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt4.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt41.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt5.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt52.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt54.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt56.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt58.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt5F.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt6.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt7.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt70.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt75.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt7B.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt8.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt88.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wt9.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wtA.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wtB.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wtC8.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wtDF.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wtE.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wtE0.tmp moved successfully.
C:\WINDOWS\system32\config\systemprofile\Data aplikací\Application Updater\temp\~wtF.tmp moved successfully.
C:\WINDOWS\tasks\Adobe Flash Player Updater.job moved successfully.
C:\WINDOWS\tasks\AppleSoftwareUpdate.job moved successfully.
C:\WINDOWS\tasks\avast! Emergency Update.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineCore.job moved successfully.
C:\WINDOWS\tasks\GoogleUpdateTaskMachineUA.job moved successfully.
C:\WINDOWS\tasks\WinZipDriverUpdater_UPDATES.job moved successfully.
C:\Program Files\McAfee Security Scan\3.8.130\sacoredata folder moved successfully.
C:\Program Files\McAfee Security Scan\3.8.130 folder moved successfully.
C:\Program Files\McAfee Security Scan folder moved successfully.
C:\Documents and Settings\All Users\Nabídka Start\Programy\Po spuštění\McAfee Security Scan Plus.lnk moved successfully.
C:\Documents and Settings\user01\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Quarantine folder moved successfully.
C:\Documents and Settings\user01\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Documents and Settings\user01\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Documents and Settings\user01\Data aplikací\Malwarebytes folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Logs folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware\Configuration folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes\Malwarebytes' Anti-Malware folder moved successfully.
C:\Documents and Settings\All Users\Data aplikací\Malwarebytes folder moved successfully.
C:\AdwCleaner folder moved successfully.
C:\Documents and Settings\user01\Data aplikací\Seznam.cz\uninstall folder moved successfully.
C:\Documents and Settings\user01\Data aplikací\Seznam.cz\install folder moved successfully.
C:\Documents and Settings\user01\Data aplikací\Seznam.cz\data\chrome folder moved successfully.
C:\Documents and Settings\user01\Data aplikací\Seznam.cz\data folder moved successfully.
C:\Documents and Settings\user01\Data aplikací\Seznam.cz\conf\szndesktop.d folder moved successfully.
C:\Documents and Settings\user01\Data aplikací\Seznam.cz\conf\libfoxcub folder moved successfully.
C:\Documents and Settings\user01\Data aplikací\Seznam.cz\conf folder moved successfully.
C:\Documents and Settings\user01\Data aplikací\Seznam.cz\bin folder moved successfully.
C:\Documents and Settings\user01\Data aplikací\Seznam.cz folder moved successfully.
========== REGISTRY ==========
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\MozillaPlugins\@mcafee.com/McAfeeMssPlugin\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{0E8A89AD-95D7-40EB-8D9D-083EF7066A01}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows\CurrentVersion\Explorer\Browser Helper Objects\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Classes\CLSID\{AF69DE43-7D58-4638-B6FA-CE66B5AD205D}\ deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\SiSPower deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\APSDaemon deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\QuickTime Task deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\seznam-listicka-distribuce deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\OrderReminder deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\Adobe ARM deleted successfully.
Registry value HKEY_LOCAL_MACHINE\Software\Microsoft\Windows\CurrentVersion\Run\\ deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.autoupdate deleted successfully.
Registry value HKEY_CURRENT_USER\Software\Microsoft\Windows\CurrentVersion\Run\\cz.seznam.software.szndesktop deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\bpsvc.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\browsersafeguard.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\protectedsearch.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\rjatydimofu.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\searchprotection.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\snapdo.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst32.exe\ deleted successfully.
Registry key HKEY_LOCAL_MACHINE\SOFTWARE\Microsoft\Windows NT\CurrentVersion\Image File Execution Options\stinst64.exe\ deleted successfully.
========== SERVICES/DRIVERS ==========
Service Hardlock stopped successfully!
Service Hardlock deleted successfully!
Service Haspnt stopped successfully!
Service Haspnt deleted successfully!
Service akshasp stopped successfully!
Service akshasp deleted successfully!
Service akshhl stopped successfully!
Service akshhl deleted successfully!
Service aksusb stopped successfully!
Service aksusb deleted successfully!
Service catchme stopped successfully!
Service catchme deleted successfully!
Service C-Dilla stopped successfully!
Service C-Dilla deleted successfully!
Service EagleXNt stopped successfully!
Service EagleXNt deleted successfully!
Service Bonjour Service stopped successfully!
Service Bonjour Service deleted successfully!
Service JavaQuickStarterService stopped successfully!
Service JavaQuickStarterService deleted successfully!
Service gupdate stopped successfully!
Service gupdate deleted successfully!
Service gupdatem stopped successfully!
Service gupdatem deleted successfully!
Service gusvc stopped successfully!
Service gusvc deleted successfully!
Service McComponentHostService stopped successfully!
Service McComponentHostService deleted successfully!

OTM by OldTimer - Version 3.1.21.0 log created on 01212014_132625

Files moved on Reboot...
File move failed. C:\WINDOWS\temp\_avast_\Webshlock.txt scheduled to be moved on reboot.
File C:\WINDOWS\temp\hlktmp not found!

Registry entries deleted on Reboot...